When we start to check the PDF files that exist in our PC or laptop, we may use an antivirus scanner but these days, it seems they’re not good enough to detect malicious PDF files that contain a shell code because an attacker will mostly encrypt its content to bypass the antivirus scanner and in many times target a zero day vulnerability that exist in Adobe Acrobat Reader or in updated version.
Before we start to analyze malicious PDFs, we are going to have a simple look at PDF structures so we can understand how the shell code works and where it;s located.

PDF components

PDF Header
The first line of a PDF shows the PDF format version. It’s the most important line that gives you the basic information of the PDF file, for example “%PDF-1.4 means that file was created with the fourth version.

PDF Body
The body of the PDF file consists of objects that compose the contents of the document. These objects include fonts, images, annotations, text streams and the user can put invisible objects or elements. These objects can interact with PDF features like animation and security features. The body of the PDF file supports two types of numbers (integers, real numbers).

The Cross-Reference Table (xref table)
The cross- reference table contains links of all objects and elements that exist on file format, and you can use this feature to see other pages contents (when the users update the PDF, the cross-reference table gets updated automatically).

The Trailer
The trailer contains links to the cross-reference table and always ends up with %%EOF to identify the end of a PDF file. The trailer enables a user to navigate to the next page by clicking on the link provided.

Malicious PDF through Metasploit
Now after we have taken a tour inside the PDF file format and what it contains we will start to install old versions of Adobe Acrobat Reader 9.4.6 and 10 through to 10.1.1 that will be vulnerable to Adobe U3D Memory Corruption Vulnerability. These exploits exist in Metasploit framework so we going to create the malicious PDF and analyze it in KALI Linux distribution. Open the terminal and type msfconsole. We going to set some Metasploit variables to be sure that everything is working fine.
*After choosing the exploit type, we are going to choose the payload that will execute during exploitation in the remote target and open Meterpreter session. The file has been saved on /root/.msf4/local.

So we are going to move the file to the Desktop for easier access by typing in the terminal
root@kali :~# cd /root/.msf4/local
root@kali :~# mv msf.PDF /root/Desktop

PDFid
Now we are going to use PDFid to see what the PDF contains, like elements and objects and JavaScript, and see if there is something interesting to analyze. The PDF has only one page, maybe it’s normal. There are several JavaScript objects inside… this is very strange. There is also an OpenAction object which will execute this malicious JavaScript So we are going to use peepdf.

Peepdf
Peepdf is a Python tool that is very powerful for PDF analysis. The tool provides all the necessary components that a security researcher might need in PDF analysis without using too many tools to do that, and it support encryption, Object Streams, Shellcode emulation, Javascript Analysis, and for Malicious PDFs, it shows potential vulnerabilities, shows suspicious elements, has a powerful interactive console, PDF obfuscation (bypassing AVs), Decoding:
hexadecimal – ASCII and HEX search.

Analysis
If we are going to start analysis, go to the directory of the PDF file then start with syntax /usr/bin/peepdf–f msf.pdf.
*choose the LHOST which is our IP address and we can view through typing ifconfig in new terminal
*finally we type exploit to create the PDF file with configuration we created before

We use –f option to avoid errors and force the tool to ignore them. This the default output but we see some interesting things. The first one we see is the highlighted one object 15 continue JavaScript code and we have also one object 4 continue two executing elements (/AcroForm & /OpenAction) and the last one is /U3D showing to us a known vulnerability for now we will start to explore these objects by getting an interactive console by typing syntax /usr/bin/peepdf –i msf.pdf

The tree commands show the logical structure of the file, and starting explore object 4 (/Acro-Form).
When we type object 4 it gave you another object to explore. For now, we didn’t see any important information or anything that seems suspicious except object 2 (XFA array) that gave us the element <fjdklsaj fodpsaj fopjdsio> and it seems to us that it doesn’t contain anything special. Let’s move to the another object (Open Action).
Now we can see JavaScript code, that will be executed when the PDF file is opened. The other part of the JavaScript code is barely obfuscated, like writing some variables in hex, and in this code we can see a heap spraying with shell code plus some padding bytes. The attackers typically use unicode to encode their shell code and then use the unescape function to translate the unicode representation to binary content (now we are sure that it is definitely a malicious PDF)

Defend
We defend our network from that type of malicious file by providing strong e-mail and web filters, IPS and by application control: disable JavaScript and disable PDF rendering in browsers, block PDF readers from accessing file system and network resources. Security awareness is important.

There are many difficulties and challenges when beginning any career. However, the limitations and challenges depend on our mindset. To excel at anything, we must learn, research, practice, and never give up. Repeat, repeat, repeat. But what sets apart a good tester and a great tester? As you grow in your career, it is important to remember the following:

Testing = Mission Critical
Eat, sleep, and breathe testing. The quality of a product is determined by the quality of its testing phase and can have disastrous outcomes if rushed or skipped. In critical fields such as air traffic control, the presence of bugs in a software application can cause irreparable losses. Testers must be aware that the quality of product is of utmost importance, and be the advocate for the testing process.

2.Be Passionate
The key to success in any work is having true passion. Why is passion so important for testers? It gives you inspiration to find creative ways to overcome challenges in your work. That passion is what helps a sometimes repetitive process stay exciting, day after day.

3. Be a Team Player
Professional testers must be team players. They need to collaborate with other members to gain the best quality for product, both within their own team and across departments. Teamwork also means sharing experiences and learning from other testers.

4. Communicate
Often testers are responsible for communicating quality problems directly to an executive team. They must be able to speak in both technical and non-technical terms depending on the audience. As you interact with management, developers, and other project stakeholders, it helps to be clear and concise in your communication. As a company grows, you must also be able to communicate with other team members across the globe. Strong written and verbal skills are necessary to compete in today’s job market.

5. Adapt and Learn
Technology changes at a break-neck pace, making it imperative that testers can adapt to constantly changing requirements. A great tester learns new technologies quickly and applies them to projects to meet customer needs.

6. Understand Multiple Testing Methodologies
In testing, there are many methodologies and techniques including manual testing, automated testing, security testing, and performance testing. Every company and project might use a different methodology, so it is critical that a great tester understands how to apply these techniques.

7. Analyze and Critique
Great analytical skills help break up a complicated system into smaller units to create corresponding test cases. A tester should be able to think outside of the box to see a bug differently or from a new perspective. Finally, they have to be highly critical to identify potential problem areas.

Remember, a successful tester never stops growing as our industry is constantly changing. Becoming a great tester takes time, but if you are willing to identify the areas you need to grow, and the skills you need to nurture, you will find yourself among the best.

About the Author

Hoa Leis Senior QA Engineer at KMS Technology, a provider of IT services across the software development lifecycle with offices in Atlanta and Ho Chi Minh City.

]]>https://hakin9.org/7-key-traits-to-master-for-novice-testers/feed/010 Chances To Win One Of 10 Different IT Security Books From Packt Publishing And Hakin9 – Results!https://hakin9.org/10-chances-to-win-one-of-10-different-it-security-books-from-packt-publishing-and-hakin9-results/
https://hakin9.org/10-chances-to-win-one-of-10-different-it-security-books-from-packt-publishing-and-hakin9-results/#commentsThu, 11 Jun 2015 10:25:39 +0000https://hakin9.org/?p=12926Thank you for your participation, all titles were great! Our experts were debating for a long time before they could create final list. And now, not to keep you on your toes, here it is (in accidental order):

PRINCIPAL TRENDS IN MAY

Number of entries for malicious and unwanted software targeting Android OS in Dr.Web virus database

April 2015

May 2015

Dynamics

7,971

9,155

+14.85%

Mobile threat of the month

May was marked by high activity of banking Trojans targeting users of Android devices and distributed by cybercriminals in a number of countries. For this purpose, virus makers extensively used unsolicited SMS messages containing a link to download one or another Trojan. For example, in Russia, cybercriminals used already known topics for their MMS messages. Among banking Trojans, spread by means of short messages, a number of Android malware belonging to the Android.SmsBot family were detected (in particular, Android.SmsBot.269.originand Android.SmsBot.291.origin).

Again, a large number of attacks with the use of banking Trojans were registered is South Korea; that is, in May, Doctor Web security researchers detected more than 20 spam campaigns organized by cybercriminals. The following topics were used for the messages:

Malicious applications that performed the attacks

Moreover, during the previous month, new banking Trojans belonging to the Android.BankBot family came into view. Despite the fact that the virus makers responsible for the creation of these Trojans had been arrested in April, distribution of this malware continued by other cybercriminals.

The number of entries for banking Trojans of the Android.BankBot family in Dr.Web virus database:

A banking Trojan that steals authentication information used by the clients of some South Korean financial organizations. Once a popular online banking application is launched, the Trojan replaces its interface with a fake one that prompts the user to enter all confidential data necessary to control their bank account. The divulged data is forwarded to cybercriminals. Under the pretext of subscribing the user to a banking service, it attempts to install the malicious program Android.Banker.32.origin.

A banking Trojan designed to steal money and remotely controlled by cybercriminals.

Android ransomware

May also experienced the discovery of new ransomware species of the Android.Locker family. These programs lock Android devices and demand a ransom to unlock them. The number of entries for these dangerous malicious applications in Dr.Web virus database:

April 2015

May 2015

Dynamics

227

266

+17.2%

SMS Trojans

During the previous month, Doctor Web security researchers detected a large number of new SMS Trojans belonging to the Android.SmsSendfamily and designed to send messages to premium numbers and subscribe users to chargeable services.

The number of entries for SMS Trojans of the Android.SmsSend family in Dr.Web virus database:

April 2015

May 2015

Dynamics

3,900

4,204

+7.8%

Protect your Android handheld with Dr.Web now

]]>https://hakin9.org/may-2015-android-malware-review-from-doctor-web/feed/010 Chances To Win One Of 10 Different IT Security Books From Packt Publishing And Hakin9https://hakin9.org/10-chances-to-win-one-of-10-different-it-security-books-from-packt-publishing-and-hakin9/
https://hakin9.org/10-chances-to-win-one-of-10-different-it-security-books-from-packt-publishing-and-hakin9/#commentsTue, 12 May 2015 10:52:33 +0000https://hakin9.org/?p=1264610 Chances To Win One Of 10 Different IT Security Books From Packt Publishing And Hakin9

The CONTEST for THE BEST IT SECURITY COURSE you would like to participate.

Imagine that you can now participate in the IT Security course of your dreams – the course that will give you an opportunity to become the Best Hacker in the world and add extra hacking skills to your portfolio. Share the title of this course with us by posting the comments below and take part in the Packt Publishing And Hakin9 CONTEST!

HOW TO ENTER

All CONTEST submissions must be made through the Website Hakin9 as follows:

Step 1: Log on to www.hakin9.org.
Step 2: Click on the “Comments” bar associated with the Contest post.
Step 3: Post your comments including the THE BEST IT SECURITY COURSE TITLE.

The winner titles will be chosen based on their originality, learning goals, and practical usage.

The authors of the 10 Best Course Titles will win the one of those e-books below:

JUDGING: All Entries will be judged by our experts and the experts will select ten (10) entries in the internal voting. Experts’ decisions are final and binding.

Winners will be chosen on or around May 18, 2015, and notified by email. Hakin9 will also post the winning titles for the security courses on www.hakin9.org

]]>https://hakin9.org/10-chances-to-win-one-of-10-different-it-security-books-from-packt-publishing-and-hakin9/feed/45Drowning in Security Solutionshttps://hakin9.org/drowning-in-security-solutions/
https://hakin9.org/drowning-in-security-solutions/#commentsSat, 09 May 2015 11:43:50 +0000https://hakin9.org/?p=12634At the RSA convention the other week, I met a wonderful European gentleman named Knud. The ‘K’ is pronounced for this name. Knud told me the story of a Viking king who was known for shouting at the waves.

According to several documented accounts, this king would make it his mission to order the waves to cease at his command. The Viking lord was spotted many times standing on top of a cliff yelling at the waves below to stop.

For what purpose, we will never know. We do know that the waves did not stop and have not stopped for any man beyond religious accounts. No mortal man has ever been able to command the ocean to bend to their will. But that would be a cool trick to witness.

The biggest question here is why a noble man would even try to stop these forces of nature. Because he thought he could? Because he thought he had some magical power? Because he was trying to prove a point, maybe?

In digital security, we often find ourselves trying to shout at the waves as well. We go to training, attend classes, buy new software, add all sorts of cool gadgets in hopes that we too can control the waves of security woes.

This is not an uphill battle, it’s a battle you can’t win with the way things are going now.

No, this article isn’t about FUD. It’s about the reality of futility. RSA had an estimated 35,000 attendees. Of those thousands, I only saw a few African Americans and a small percentage of women in the crowd. Except in one case, I did not see a single teenager. Why is that?

The last time I looked, there was a significant part of our population that isn’t white and male. So why is digital security dominated by old white guys when the real world doesn’t look anything like that?

Amit Yoran of RSA had a talk about the need for a new map in the field of cybersecurity. How about we start by populating that map with a better representation of the real world?

We can add some minorities to the workforce. We can increase the amount for women in this profession. Maybe even give them equal pay for equal work.

While Mr. Yoran has you sitting in the dark when it comes to security, we at the Institute for Security and Open Methodology (ISECOM) have created a free teaching platform for teens.

If we want a new shift in thinking, if we want the waves to actually stop, we need to come up with a new solution.

At Hacker Highschool, we have a new solution, and it’s called free education. There are all kinds of lessons for teens to download that will teach them about the digital security profession. These lessons are free to download and are translated into twenty-two languages.

The lessons do not favor any particular product or vendor, we teach our students to think for themselves. The lessons do not endorse sitting in the dark, waiting for an opportunity. Instead we teach something called trust.

Trust is established by implementing the ten operational security controls listed in the Open Source Security Testing Methodology Manual (OSSTMM). This is an unbiased evaluation of any device, network, or product down to the chip level.

You, the evaluator, get to determine whether something is trustworthy or not. The vendor marketing jargon and fancy words fall to the side when you use the free OSSTMM.

This is what we are teaching at Hacker Highschool. We are teaching the next generation of digital security professionals to question every firewall, every protocol, every chip on every device and every means of communication to see if they are trustworthy.

The OSSTMM uses a simple mathematical formula to remove any doubt that could add opinion over fact.

Our lessons at Hacker Highschool are being taught at a rate of 6 million downloads. Of those downloads, only 2% are from the U.S… Why is that?

Why is it that China understands the importance of teaching their youth about security but the U.S. does not? Europe and Asia also understand this critical shortfall but not in America. We don’t ask for your race, gender or financial background to download our free material. We just want you to learn.

Hacker Highschool has the lessons, the teacher training material and the certifications are backed by ISECOM.

We want you to stop shouting at the waves and shine some light into the darkness. The new map belongs to our future and we need to start teaching them about the mistakes we already made.

For those who are asking who I am, I’m an unpaid volunteer for Hacker Highschool, as all of us are. We believe in this cause but we need your help. Help us to help you. Teach the next generation of teens about our field. Shine some light on to their faces and watch them learn.

Test Suite Enables Organizations to Self-Certify that Their OpenID Connect Deployments are in Conformance

RSA Conference 2015, San Francisco, CA – April 22, 2015 – Today theOpenID Foundation announced the OpenID Connect Certification Test Suite – a test suite that enables organizations to certify that their OpenID Connectdeployments conform to the OpenID Connect standard. The test suite was developed as open source software product in cooperation between Europe’s GÉANT Project under a grant to promote international interoperability of digital identity systems, the OpenID Foundation, and Umeå University in Sweden.

With the OpenID Connect Conformance Test Suite an organization can test and self-certify their OpenID Connect deployment as part of the OpenID Certification program to verify that it conforms to defined OpenID Connect profiles. The OpenID Certification program is a formal public declaration by an entity that its specific identified deployment of a product or service has passed the conformance tests developed by the OpenID Foundation and conforms to specified conformance profiles of the OpenID Connect protocol. Once a test is successfully completed, the entity issues a declaration of compliance and once accepted by the OIDF.

“On behalf of the OpenID Foundation and its members, a sincere ‘thank you’ to our colleagues at Umeå University and the GÉANT Project for the close collaboration on the successful deployment of the OpenID Conformance Test Suite,” said Nat Sakimura, OpenID Foundation Chairman and Senior Researcher, Nomura Research Institute. “This global platform will provide transparency and assurance that the Internet identity services of certifying organizations conform to the OpenID Connect standard.”

“Our work together demonstrates that joint operational and technical collaboration from Europe, North America, Asia, and South America significantly advances the adoption of user centric open identity standards,” said Licia Florio, GÉANT Project Activity Leader for Identity and Trust Technologies for GÉANT services. “We are well positioned to foster further adoption of the OpenID Connect standard and significantly increase certification of identity trust frameworks in Europe – and globally.”

“Important for all standards is verifying that an implementation complies with the standard or the special profile of the standard,” said Ali Foroutan-Rad, Director for ITS, Umeå University. “Given the advances in identity and e-commerce systems, it was important to develop a web service to truly test identity systems using a freely-available online protocol testing service.”

The OpenID Connect Conformance Test Suite, hosted by Symantec, was used by industry leaders Google, Microsoft, ForgeRock, Nomura Research Institute, Ping Identity, and PayPal in the first phase of the OpenID Connect Certification program. The next phase adds relying party certification and makes OpenID Connect self-certification and registration available to OIDF members in good standing starting in May 2015, with a roadmap to make the OpenID Connect Certification program and the OIXnet Registry generally available in January 2016.

About GÉANT

The GÉANT Association is the leading collaboration on network and related infrastructure and services for the benefit of research and education, contributing to Europe’s economic growth and competitiveness. The organisation develops, delivers and promotes advanced network and associated e-infrastructure services, and supports innovation and knowledge-sharing amongst its members, partners and the wider research and education networking community.

It is owned by its core membership of 36 European national research and education network (NREN) organisations and NORDUnet, which participates on behalf of five Nordic NRENs. Associates include commercial organisations and multi-national research infrastructures and projects.

The GÉANT Association was formed on 7 October 2014, when TERENA and DANTE joined forces. The GÉANT Project is a major area of the association’s work and the association is proud to have adopted the GÉANT name.

About Umeå University

Umeå University was founded in 1965 as fifth university in Sweden. With about 4 500 employees and over 34 000 students, a large number of international projects and other forms of cooperation in the research and education field, Umeå University has a solid foundation in international area with a strong international and multicultural presence with students, teachers and researchers from all over the world.

Umeå University is, through the department ICT Services and System Development (ITS), the central IT development organization for HEIs in Sweden. ITS has been in the international forefront of developing administrative systems for the Swedish higher education sector for the past 25 years. With a staff of over 200 IT-professionals, most with long experience and broad expertise, ITS works with a broad field of activities such as IT operations and support to systems development, professional testing, etc. ITS is managing projects of all sizes. Maintaining the Swedish national student information system (Ladok) and the Swedish national admissions system (NyA) are two main missions ITS performs. Development of the next generation of national student information system in Sweden (Ladok3) is one of the biggest projects ITS is involved in.

About The OpenID Foundation

The OpenID Foundation is an international non-profit organization of individuals and companies committed to enabling, promoting and protecting OpenID technologies. Formed in June 2007, the foundation serves as a public trust organization representing the open community of developers, vendors, and users. The OIDF assists the community by providing needed infrastructure and help in promoting and supporting expanded adoption of OpenID technologies. This entails managing intellectual property and brand marks as well as fostering viral growth and global participation in the proliferation of OpenID.

Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data by Mark Ryan M. Talabis, Robert McPherson, Inez Miyamoto and Jason L. MartinThis book provides insights into the practice of analytics and, more importantly, how readers can utilize analytic techniques to identify trends and outliers that may not be possible to identify using traditional security analysis techniques. It contains information on open-source analytics and statistical packages, tools, and applications, as well as step-by-step guidance on how to use analytics tools and how they map to the techniques and scenarios provided. Readers learn how to design and utilize simulations for “what-if” scenarios to simulate security events and processes, and how to utilize big data techniques to assist in incident response and intrusion analysis. Written by security practitioners, forsecurity practitioners, the book includes real-world case studies and scenarios for each analytics technique.

The book contains 183 pages of which 160 are text (not counting foreword, index etc.). A significant amount of the text is examples and listings of code and results. This means this book is actually not all that big. At first this might feel al bit disappointing, after all what did I just spend my money on? This feeling will quickly disappear when you start reading the book. What makes this book so useful is the guided examples and exercises. These take the theory and make things tangible. A book with just theory on security analysis techniques for big data would be useful but with the addition of these case studies and examples the reader will be able to put the theory into practice with little effort.

It is also clear that the reader is meant to be using the book and exercises in an active role, just reading the book will be a waste of the author’s effort to create all these examples. The reader who uses his computer while reading the book and doing all the exercises will spend a large amount of time but it will be worth the effort.

Each chapter begins with a small section detailing the information revealed in that chapter. Most chapters als contain a section with references and tips to expand on the topic of that chapter. This makes this book such a great starting point for people with little knowledge on the subject.

The book consists of 7 chapters.

Chapter 1 contains the mandatory definitions and concepts needed to understand the content of the rest of the book. Many of the techniques used in the book are also used in machine learning. This creates some synergy between this book and some well known online courses that deal with this subject. One of the most important pieces of information in this chapter is the security analytics process that details the steps going from data -> analysis -> security intelligence -> response.

Chapter 2 deals with the tools needed for analyzing data. The most important tools discussed are Hadoop (distributed file system) and MapReduce (data aggregation for Hadoop). The R programming language will be used to perform statistical calculations. For simulations the author makes use of the Arena software product.

Chapter 3 is 42 pages (25% of the total text) and handles analytics and incident response. This is clearly the main focus of the book. The topics explained in this chapter explain how to look for a series of known attack patterns such as SQLi and XSS but also how to look for other anomalies in data such as ratio of failed to successful requests as a time series.

Chapter 4 is quite short in theory (3 pages) but contains an extensive case study on the topic of simulations. A simulation starts out as a model to which parameters are added. The simulation software uses these to return some data, this data needs to be analyzed in order to formulate conclusions. The author shows a use case in which different anti-virus gateway offerings are simulated.

Chapter 5 is dedicated to access analytics. Remote access is widely used and it is important that an organization can quickly discover misuse of access. This chapter uses VPN remote access as the example and makes use of Python scripts to analyze the data.

Chapter 6 explains when and how we can make use of text mining specifically related to security. This technique is used on large amounts of relatively unstructured data such as email, wikis etc.

Chapter 7 contains some information on security intelligence and what the future might hold for security analytics.

Note: the lay out of the book shows a lot of white space at the edge of each page. Even though this gives some room to scribble down notes I personally prefer to have a little less whitespace at the edge of the page.

Steven Wierckx

]]>

https://hakin9.org/12356/feed/1PRTG Network Monitor system in Enterprise networkhttps://hakin9.org/prtg-network-monitor-system-in-enterprise-network/
https://hakin9.org/prtg-network-monitor-system-in-enterprise-network/#commentsWed, 25 Feb 2015 16:16:07 +0000https://hakin9.org/?p=12246In this article, we want to install and configure PRTG Network Monitor system to use it in Enterprise network.

Steps for installing PRTG

– First step: you should download a latest version of PRTG Network Monitor software. Here I downloaded this version (see the picture)

– I will setup a free version of PRTG , and if you want, you can buy a full version of this software.

– In this step you should agree with license of PRTG , and go to next step. But if you want to stop the installation process, you can disagree! J

– In this step, you should set the destination folder for PRTG. Be sure that you have enough space for this software.

– In this step, you will choose which edition of the software is suitable for you, the free version, Trial Edition or a commercial edition.

– Now you should fill in the blanks:

1- Email address for Administrator of Monitoring system

2- Choose a login name for admin

3- Choose a password for admin

4- Which protocol you want to use to connect to admin panel, I recommend that you choose https for safety

5- And now you should define the address for access to the PRTG panel

– In this step you have two choices:

1- Standard mode, where you use one server for monitoring purposes in your network.

2- Cluster mode, where you use high availability and use two or more servers for monitoring purposes in any part of the enterprise network that you want.

– At the end, PRTG thanks you for choosing this software in your network, J and you can use the support link to ask your questions about PRTG. When you click on next , you can see the PRTG manual. Open a web browser and open GUI interface of PRTG.

Steps for Configuration:

– Now you should type the address of PRTG server in your web Browser and open it in your network or locally.

In this step you may have a certificate error, but don’t worry, you can choose “continue to this website” and pass this error.

Now you should enter your administrator user and password that you made during the installation process.You can choose either the web interface or Windows interface, depending on your decision, but the web interface is faster and you don’t need to download any software.

– Now welcome to the main menu of the software.

On this page, you have these choices:

1- Add a sensor manually. If you want to monitor one device, you can add it and define a sensor for this device.

2- The best option in this step is Network Auto Discovery, so you can automatically find any device that works on your network, discover them and add them to Monitor server.

3- You can view the result of the monitoring server.

4- You can download the GUI software.

5- You can install PRTG on your mobile phone (Android or IOS) and remotely monitor your network, even if you are in your home.

6- Help, for any question about PRTG.

– for example , I chose add sensor manually.

You can add a new device or add sensor to existing device.

– You can group your devices, make new groups, update existing groups.

– In this step you should enter name, IP address and other information of your device.

– Now that your device is added carefully, you should add a sensor to monitor the status of this device.

– You can search for a new sensor, choose existing sensors or make a new sensor for your device.

– I chose ping sensor to monitor the ping time of my device.

– Now, define a name for this sensor. It is recommended that you define some special names for your devices and sensors to monitor them easily and when you have a problem, you can find where the problem comes from or which device has a problem.

– Now the sensor is ready and you can easily monitor your device online.

In the end, I hope this manual helps you to manage and monitor your network better.